Re: [Openvpn-devel] [PATCH 1/3] Refactor/Reformat tls_pre_decrypt

3x minor typos On 22/07/2020 10:30, Arne Schwabe wrote: - Extract data packet handling to its own function - Replace two instances of if (x) { code } with if (!x) return; code - Remove extra curly braces that were used for pre C99 code style to be able to declare

Re: [Openvpn-devel] [PATCH] options: Remove --udp-mtu

> > >> But with alias I feel we just removing them because we found a newer >> nicer name and as a user (especially another dev) removing an alias >> feels like they are removed because of pride/principle that since they >> are old they must be go away. > > This is really not my motivation, I

Re: [Openvpn-devel] [PATCH 8/9] Rename ncp-ciphers to data-ciphers

On 17/07/2020 15:47, Arne Schwabe wrote: > The change in name signals that data-ciphers is the preferred way to > configure data channel (and not --cipher). The data prefix is chosen > to avoid ambiguity and make it distinct from tls-cipher for the TLS > ciphers. > > Signed-off-by: Arne Schwabe

Re: [Openvpn-devel] [PATCH] Support for wolfSSL in OpenVPN

Hi Arne, thank you for your feedback. I tested the patch on the latest master version at the time of writing and it looks like these requirements were added in the last week which is why I wasn't able to address them before.I will look into the new issues and get back to you when they are

Re: [Openvpn-devel] [PATCH] options: Remove --udp-mtu

On 22/07/2020 14:01, Arne Schwabe wrote: > Am 22.07.20 um 11:54 schrieb David Sommerseth: >> Before --link-mtu, it was --udp-mtu. This was changed in >> OpenVPN 1.5_beta1 (release July 2003). It should be safe now >> to remove --udp-mtu, the transition period should have been long >> enough. >>

Re: [Openvpn-devel] [PATCH] Support for wolfSSL in OpenVPN

Am 15.07.20 um 10:26 schrieb Juliusz Sosinowicz: > Hi Everyone, > > do you have an update on the latest patch I sent? There have been > updates to wolfSSL to fix the remaining issues brought up last time. > Yes. I looked at this today in the expectation that I just compile test, do a few quick

[Openvpn-devel] [PATCH] Workaround FreeBSD 12+ race condition on tun/tap open with IPv6.

On FreeBSD 12 (tested and verified on 12.1-RELEASE-p2), after "ifconfig inet6" for a tun/tap interface, there sometimes is a race condition where the "IFDISABLED" flag shows up after a short time frame, under a second, and never clears itself. This disables use of the configured IPv6 address on

Re: [Openvpn-devel] [PATCH] options: Remove --udp-mtu

Am 22.07.20 um 11:54 schrieb David Sommerseth: > Before --link-mtu, it was --udp-mtu. This was changed in > OpenVPN 1.5_beta1 (release July 2003). It should be safe now > to remove --udp-mtu, the transition period should have been long > enough. > > Signed-off-by: David Sommerseth > --- >

[Openvpn-devel] summary of the community meeting @ 2020-07-22

Good morning, we had a nice meeting today, and here's the summary and chatlog: - 2.5 release is nicely taking shape, most features are in, and the code in master is very well tested already - we agree on renaming --ncp-ciphers to --data-ciphers, to make clear that this is not a

[Openvpn-devel] [PATCH] options: Remove --udp-mtu

Before --link-mtu, it was --udp-mtu. This was changed in OpenVPN 1.5_beta1 (release July 2003). It should be safe now to remove --udp-mtu, the transition period should have been long enough. Signed-off-by: David Sommerseth --- src/openvpn/options.c | 3 +-- 1 file changed, 1 insertion(+), 2

[Openvpn-devel] [PATCH 3/3] Clean up a number of leftover C89 initialisations in ssl.c

Signed-off-by: Arne Schwabe --- src/openvpn/ssl.c | 56 +-- 1 file changed, 20 insertions(+), 36 deletions(-) diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index 916d2d37..7e5c0805 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -831,10

[Openvpn-devel] [PATCH 1/3] Refactor/Reformat tls_pre_decrypt

- Extract data packet handling to its own function - Replace two instances of if (x) { code } with if (!x) return; code - Remove extra curly braces that were used for pre C99 code style to be able to declare variables in the middle of a block This patch is easier to

[Openvpn-devel] [PATCH 2/3] Cleanup tls_pre_decrypt_lite and tls_pre_encrypt

Mostly C90 -> C99 cleanups and again immediately instead wrapping function body into if. (Review with ignore whitespace) Signed-off-by: Arne Schwabe --- src/openvpn/ssl.c | 219 ++ 1 file changed, 106 insertions(+), 113 deletions(-) diff --git

[Openvpn-devel] [PATCH applied] Re: Indicate that a client is in pull mode in IV_PROTO

Acked-by: Gert Doering Stared at code, loooks good. Tested the client side against an unpatched server -> works (which is not surprising, but worth a test). Then patched the server, tested the patched client again -> works \o/ Jul 22 10:09:15 gentoo tun-tcp-p2mp[5572]: 194.97.140.21:50479

[Openvpn-devel] [PATCH applied] Re: Avoid sending --cipher to clients not supporting NCP

Acked-by: Gert Doering Verify by staring at the testbed. 2.2/2.3 clients or 2.4 or master with --ncp-disable won't get cipher pushed, the rest will. Works! Your patch has been applied to the master branch. commit 4b59e2644a978074f0eed492d6541ba7b30b01a7 Author: Arne Schwabe Date: Fri Jul

[Openvpn-devel] [PATCH applied] Re: t_net.sh: drop hard dependency on t_client.rc

Acked-by: Gert Doering "Works!" Fixed whitespace (indent) while at it... Your patch has been applied to the master branch. commit e6c86b24dbe8b001dfc8b9e9c4fad95e0f5973d4 Author: Antonio Quartulli Date: Tue Jul 21 21:55:18 2020 +0200 t_net.sh: drop hard dependency on t_client.rc